search

hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
https://www.terraform.io/
Other
42.74k stars 9.56k forks source link

'Directory is invalid' error connecting to remote Windows host via bastion. #24955

Closed orisvscs closed 2 months ago

orisvscs commented 4 years ago

Terraform Version

Terraform v0.12.24

Background: I have installed OpenSSH feature on Windows Server 2019 - two nodes (bastion node in public subnet, and another in private subnet). Used Terraform to correctly establish connection to remote (private node) via bastion, but any inline statements doesn't get executed and throws an error ‘The directory name is invalid.’

Additional Context

Others have reported similar issue few months back too.

  1. https://www.reddit.com/r/Terraform/comments/ffnmpa/terraform_ssh_connection_to_windows_10_the/
  2. https://stackoverflow.com/questions/60593138/terraform-ssh-connection-to-windows-10-the-directory-name-is-invalid

Snippet to reproduce

resource "null_resource" "remote-exec-windows" {

  provisioner "remote-exec" {
    connection {
      type     = "ssh"
      timeout  = "1m"
      #Windows Private Node
      host     = "PrivateNodesPrivateIP" 
      user     = "administrator"
      port     = 22
      private_key = file("path-to--private-key")
      #Windows bastion
      bastion_host = "BastionHostPublicIP"
      bastion_port = "22"
      #bastion_user = "administrator"
      bastion_private_key = file("path-to-private-key")
      #https    = "true"
      #insecure = "true"
      agent = "false"                                                               
    }

    inline = [
      "sleep 10",
    ]
  }
}

Debug Output

null_resource.remote-exec-windows[0]: Provisioning with 'remote-exec'... null_resource.remote-exec-windows[0] (remote-exec): Connecting to remote host via SSH... null_resource.remote-exec-windows[0] (remote-exec): Host: PrivateNodesPrivateIP null_resource.remote-exec-windows[0] (remote-exec): User: administrator null_resource.remote-exec-windows[0] (remote-exec): Password: false null_resource.remote-exec-windows[0] (remote-exec): Private key: true null_resource.remote-exec-windows[0] (remote-exec): Certificate: false null_resource.remote-exec-windows[0] (remote-exec): SSH Agent: false null_resource.remote-exec-windows[0] (remote-exec): Checking Host Key: false null_resource.remote-exec-windows[0] (remote-exec): Using configured bastion host... null_resource.remote-exec-windows[0] (remote-exec): Host: BastionHostPublicIP null_resource.remote-exec-windows[0] (remote-exec): User: administrator null_resource.remote-exec-windows[0] (remote-exec): Password: false null_resource.remote-exec-windows[0] (remote-exec): Private key: true null_resource.remote-exec-windows[0] (remote-exec): Certificate: false null_resource.remote-exec-windows[0] (remote-exec): SSH Agent: false null_resource.remote-exec-windows[0] (remote-exec): Checking Host Key: false null_resource.remote-exec-windows[0] (remote-exec): Connected! null_resource.remote-exec-windows[0] (remote-exec):

Expected Behavior

Terraform should execute the inline statements but it doesn't.

Actual Behavior

Terraform throws an error ‘The directory name is invalid.’

Additional Context

Others have reported similar issue few months back too.

  1. https://www.reddit.com/r/Terraform/comments/ffnmpa/terraform_ssh_connection_to_windows_10_the/
  2. https://stackoverflow.com/questions/60593138/terraform-ssh-connection-to-windows-10-the-directory-name-is-invalid
orisvscs commented 4 years ago

Debug Output includes the error 'The directory name is invalid.' No matter which Windows related command you include in the inline section, it will throw the error.

danieldreier commented 4 years ago

@orisvscs I've started working on reproducing this, and fell down a bit of a rabbit hole trying to use rsadecrypt to get the password_data. I'm just working on triage, so I can't promise a fix, but I'm trying to get a good reproduction case sorted out.

orisvscs commented 4 years ago

Daniel, greatly appreciated. Thanks for looking into this issue - this is impacting anyone that's using ssh with Windows and leveraging Terraform.

danieldreier commented 4 years ago

Just FYI - I've worked on this more today. I'm just working on basic setup - I've been setting up a Windows EC2 instance via TF and must have something wrong with my networking or security groups because I'm not getting even RDP or ping into it. Are you doing this on AWS? Azure?

orisvscs commented 4 years ago

@danieldreier - I have provisioned Windows VMs on Oracle Cloud, but it shouldn't matter. Issue will appear no matter where we create the VMs. You need to ensure that the subnet (in which instances reside) allows RDP traffic over 3389 port. If you want, we can talk over the phone and I can help.

orisvscs commented 4 years ago

@danieldreier - Any news/update would be appreciated. Thanks

danieldreier commented 4 years ago

My incomplete reproduction case for this is at https://github.com/danieldreier/terraform-issue-reproductions/tree/master/24975 - the next step here is to finish it. If you can get that to the point where it reproduces the issue I can escalate this further.

crw commented 2 months ago

Closing as no reproduction has been provided. Thanks!

github-actions[bot] commented 1 month ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.